735044 – semanage permissive -l tracebacks if SELinux is disabled

Bug 735044 - semanage permissive -l tracebacks if SELinux is disabled

Summary: semanage permissive -l tracebacks if SELinux is disabled

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	policycoreutils
Sub Component:
Version:	6.2
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Daniel Walsh
QA Contact:	Milos Malik
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2011-09-01 09:50 UTC by Milos Malik
Modified:	2013-03-18 11:06 UTC (History)
CC List:	1 user (show)
Fixed In Version:	policycoreutils-2.0.83-19.13.el6
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2011-12-06 15:31:05 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2011:1637	0	normal	SHIPPED_LIVE	policycoreutils bug fix and enhancement update	2011-12-06 00:50:40 UTC

Description Milos Malik 2011-09-01 09:50:43 UTC

Description of problem:


Version-Release number of selected component (if applicable):
policycoreutils-2.0.83-19.12.el6.i686
policycoreutils-python-2.0.83-19.12.el6.i686
policycoreutils-sandbox-2.0.83-19.12.el6.i686
policycoreutils-gui-2.0.83-19.12.el6.i686
policycoreutils-newrole-2.0.83-19.12.el6.i686

How reproducible:
always

Steps to Reproduce:
[root@rhel62 ~]# sestatus 
SELinux status:                 disabled
[root@rhel62 ~]# semanage permissive -l
Traceback (most recent call last):
  File "/usr/sbin/semanage", line 564, in <module>
    process_args(sys.argv[1:])
  File "/usr/sbin/semanage", line 383, in process_args
    OBJECT.list(heading, locallist)
  File "/usr/lib/python2.6/site-packages/seobject.py", line 341, in list
    all = map(lambda y: y["name"], filter(lambda x: x["permissive"], setools.seinfo(setools.TYPE)))
  File "/usr/lib/python2.6/site-packages/setools/__init__.py", line 49, in seinfo
    dict_list = _seinfo.seinfo(setype, name)
RuntimeError: No default policy found.
[root@rhel62 ~]# echo $?
1
[root@rhel62 ~]# 

Expected results:
* either the tool can cope with disabled SELinux and displays permissive domains as expected
* or the tool shows "SELinux is disabled" message as other tools do

Comment 1 Daniel Walsh 2011-09-01 14:48:51 UTC

Milos can you add the following to the end of semanage to make sure it works.

I don't have a disabled machine to test on.

	except RuntimeError, error:
		errorExit(error.args[1])

Comment 2 Milos Malik 2011-09-02 06:52:46 UTC

It didn't work when error.args[1] was used, but it works when error.args[0] is used.

# tail -n 3 /usr/sbin/semanage 
	except RuntimeError, error:
		errorExit(error.args[0])

# sestatus 
SELinux status:                 disabled
# semanage permissive -l
/usr/sbin/semanage: No default policy found.
#

Comment 3 Daniel Walsh 2011-09-03 11:03:29 UTC

Great that is what I was looking for.

Comment 4 Daniel Walsh 2011-09-06 18:33:32 UTC

Fixed in policycoreutils-2.0.83-19.13.el6

Comment 8 errata-xmlrpc 2011-12-06 15:31:05 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1637.html

Note You need to log in before you can comment on or make changes to this bug.